commit 610a2726052fb6a154bd571ff7a2e1caf808970d
Author: steckerhalter <steckerhalter@postmomentum.ch>
Date:   Sun Mar 18 11:10:51 2018 +0100

    init

diff --git a/etc/apache2/sites-available/searx-le-ssl.conf b/etc/apache2/sites-available/searx-le-ssl.conf
new file mode 100644
index 0000000..a43dd0e
--- /dev/null
+++ b/etc/apache2/sites-available/searx-le-ssl.conf
@@ -0,0 +1,16 @@
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+    ServerAdmin info@openworlds.info
+    ServerName openworlds.info
+    Header always set Strict-Transport-Security "max-age=63072000"
+    ServerSignature Off
+    ProxyPass / http://127.0.0.1:4004/
+    ProxyPassReverse / http://127.0.0.1:4004/
+    RemoteIPHeader X-Forwarded-For
+    RemoteIPTrustedProxy 127.0.0.1
+    # ProxyPass / unix:/run/uwsgi/app/searx/socket|uwsgi://searx/
+    SSLCertificateFile /etc/letsencrypt/live/openworlds.info/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/openworlds.info/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>
diff --git a/etc/apache2/sites-available/searx.conf b/etc/apache2/sites-available/searx.conf
new file mode 100644
index 0000000..f659c0c
--- /dev/null
+++ b/etc/apache2/sites-available/searx.conf
@@ -0,0 +1,8 @@
+<VirtualHost *:80>
+    ServerAdmin info@openworlds.info
+    ServerName openworlds.info
+    ServerSignature Off
+    RewriteEngine on
+    RewriteCond %{SERVER_NAME} =openworlds.info
+    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+</VirtualHost>
diff --git a/usr/local/filtron/rules.json b/usr/local/filtron/rules.json
new file mode 100644
index 0000000..8258c3f
--- /dev/null
+++ b/usr/local/filtron/rules.json
@@ -0,0 +1,62 @@
+[
+    {
+        "name": "search request",
+        "filters": ["Param:q", "Path=^(/|/search)$"],
+        "interval": 60, 
+        "limit": 60,
+        "subrules": [
+            {
+                "name": "roboagent limit",
+                "interval": 60,
+                "limit": 5,
+                "filters": ["Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"],
+                "actions": [
+                    {"name": "block",
+                     "params": {"message": "Rate limit exceeded"}}
+                ]
+            },
+            {
+                "name": "botlimit",
+                "limit": 0,
+                "stop": true,
+                "filters": ["Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"],
+                "actions": [
+                    {"name": "block",
+                     "params": {"message": "Rate limit exceeded"}}
+                ]
+            },
+            {
+                "name": "IP limit",
+                "interval": 60,
+                "limit": 15,
+                "stop": true,
+                "aggregations": ["Header:X-Forwarded-For"],
+                "actions": [
+                    {"name": "block",
+                     "params": {"message": "Rate limit exceeded"}}
+                ]
+            },
+            {
+                "name": "rss/json limit",
+                "interval": 60,
+                "limit": 15,
+                "stop": true,
+                "filters": ["Param:format=(csv|json|rss)"],
+                "actions": [
+                    {"name": "block",
+                     "params": {"message": "Rate limit exceeded"}}
+                ]
+            },
+            {
+                "name": "useragent limit",
+                "interval": 60,
+                "limit": 15,
+                "aggregations": ["Header:User-Agent"],
+                "actions": [
+                    {"name": "block",
+                     "params": {"message": "Rate limit exceeded"}}
+                ]
+            }
+        ]
+    }
+]